General
Target: hbtwo_20220310-180244
Size: 628KB
Sample: 220310-v42xlscefn
MD5: cf3a653adff65b3aafc3b0a10e360cbe
SHA1: ae8fc3b9943df6c056ee71c648dfd0baf94daa40
SHA256: ec642b740a50f40817b916be127f134645b403ddb31c014bd1e85b4ce785d9a7
SHA512: f5633e8f188f6cf4fe93d71668723834d4e11b9365acfeb827de54a078fddc96b47dde970c13e489bd88feda32dcd39363c0bbbc346b09a9c4ab8940ed9323b1

Static task
static1

Behavioral task
behavioral1
Sample: hbtwo_20220310-180244.exe
Resource: win7-20220223-en

Behavioral task
behavioral2
Sample: hbtwo_20220310-180244.exe
Resource: win10v2004-en-20220113

Malware Config
Extracted
raccoon
1c0fad6805a0f65d7b597130eb9f089ffbe9857d
url4cnc
http://194.180.191.241/capibar
http://103.155.93.35/capibar
https://t.me/capibar

Targets
Target: hbtwo_20220310-180244
Size: 628KB
MD5: cf3a653adff65b3aafc3b0a10e360cbe
SHA1: ae8fc3b9943df6c056ee71c648dfd0baf94daa40
SHA256: ec642b740a50f40817b916be127f134645b403ddb31c014bd1e85b4ce785d9a7
SHA512: f5633e8f188f6cf4fe93d71668723834d4e11b9365acfeb827de54a078fddc96b47dde970c13e489bd88feda32dcd39363c0bbbc346b09a9c4ab8940ed9323b1
suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)
suricata: ET MALWARE Win32.Raccoon Stealer Checkin M6